PHP - How to define magic_quotes_gpc

Overview

You can Enable / Disable magic_quotes_gpc for php in your account by setting this directive in .htaccess in httpdocs folder:

php_flag magic_quotes_gpc On

or

php_flag magic_quotes_gpc Off

The magic_quotes_gpc is a function which automatically escape $_GET, $_POST and $_COOKIE variables. This cause a lot of (poorly written) PHP scripts out there which blindly rely on magic_quotes_gpc, to be wide open to various SQL/XSS-injections.

If you run a website that relies on magic_quotes_gpc for escaping user input, we strongly recommend that you disable access to such scripts until a version fixing this bug is released.